I'm implementing a plug-in that's embeddable in different sites like disqus.The plug-in is supposed to be embeddable in sites with different domain names whic I don't own. I would like to access user login status if user has already logged in an other site that is using my plug-in. I haven't able to find an answer to do this yet.
What I need is:
How can I do that?
Thanks in advance.
Due to CORS protection, if the server A or B don't allow cross domain request, you can't call them from the browser itself. It's a security feature.
If you want to do this and don't have access directly on A and B, you will have to use A and/or B API (if they exist) or use a C server as an intermediary for your requests.
Request header as well as server CROS prevention mechanism will not allow to login. Below is one of the solution to achive it.
SSO Single Sign ON, is one of the way by that we can come up with this problem. To achive SSO just create some service that will check for token (token based authetication as well as we can check for coming url request) and allow login (it is no where related to Windows, Forms authentication).
It's a kind of third party authentication mechanism, which will work basis of token based security and allow login.
©2020 All rights reserved.